This commit is contained in:
MasonLiu 2025-01-06 14:26:37 +08:00
parent 50b3bacd4c
commit 2655151c24
53 changed files with 6905 additions and 309 deletions

15
Core.py
View File

@ -18,7 +18,7 @@ from spider.common import run, seebug_main, M_4hou_main, anquanke_main, sec_wiki
from spider.freebuf import freebuf_main
from spider.xianzhi import xianzhi_main
from spider.sougou_wx import sougou_wx_main
from spider.github import github_main
from spider.github import github_main, load_github_config
from GotoSend.M_4hou import Src_4hou
from GotoSend.anquanke import Src_anquanke
from GotoSend.doonsec import Src_doonsec
@ -54,8 +54,6 @@ signal.signal(signal.SIGINT, signal_handler) # Ctrl+C
signal.signal(signal.SIGTERM, signal_handler) # kill命令
webhook_url_once, timestamp_once, sign_once = gen_sign()
e_hour, time_choice, choice, fs_activate, wx_activate, ding_activate, lx_activate, url_web = get_core_config()
Sogou_WX, Doonsec_switch, Doonsec = get_kewords_config()
def check_avaliable(info_long, info_short, title, webhook_url, timestamp, sign):
@ -88,6 +86,8 @@ def check_avaliable(info_long, info_short, title, webhook_url, timestamp, sign):
logger.info(f"{title}数据为空,跳过执行。")
def send_job_RSS(time_1):
Sogou_WX, Doonsec_switch, Doonsec = get_kewords_config()
# print(f"当前配置信息Doonsec_switch{Doonsec_switch}")
# 爬取数据
seebug_main()
anquanke_main()
@ -101,7 +101,8 @@ def send_job_RSS(time_1):
# 分析各个数据源的结果(输出长结果)
result_4hou_long = Src_4hou(time_1, False)
result_anquanke_long = Src_anquanke(time_1, False)
result_doonsec_long = Src_doonsec(time_1, False, Doonsec_switch, Doonsec)
result_doonsec_long = Src_doonsec(False, Doonsec_switch, Doonsec)
print(result_doonsec_long)
result_xianzhi_long = Src_xianzhi(time_1, False)
result_freebuf_long = Src_freebuf(time_1, False)
result_qianxin_long = Src_qianxin(time_1, False)
@ -109,7 +110,7 @@ def send_job_RSS(time_1):
# 分析各个数据源的结果(输出短结果)
result_4hou_short = Src_4hou(time_1, True)
result_anquanke_short = Src_anquanke(time_1, True)
result_doonsec_short = Src_doonsec(time_1, True, Doonsec_switch, Doonsec)
result_doonsec_short = Src_doonsec(True, Doonsec_switch, Doonsec)
result_xianzhi_short = Src_xianzhi(time_1, True)
result_freebuf_short = Src_freebuf(time_1, True)
result_qianxin_short = Src_qianxin(time_1, True)
@ -126,6 +127,7 @@ def send_job_RSS(time_1):
check_avaliable(result_seebug_long, result_seebug_short, "Seebug社区资讯", webhook_url, timestamp, sign)
def send_job_SX():
Sogou_WX, Doonsec_switch, Doonsec = get_kewords_config()
sougou_wx_main(Sogou_WX)
result_sx_long = Src_sougou_wx(False)
result_sx_short = Src_sougou_wx(True)
@ -133,7 +135,8 @@ def send_job_SX():
check_avaliable(result_sx_long, result_sx_short, "微信公众号关键词相关内容", webhook_url, timestamp, sign)
def send_job_github(time_1):
github_main()
keyword_list, tool_list, user_list, black_words = load_github_config()
github_main(keyword_list, tool_list, user_list, black_words)
result_github_1_long, result_github_2_long, result_github_3_long, result_github_4_long = Src_github(time_1, False)
result_github_1_short, result_github_2_short, result_github_3_short, result_github_4_short = Src_github(time_1, True)
webhook_url, timestamp, sign = gen_sign()

View File

@ -18,7 +18,7 @@ from spider.common import run, seebug_main, M_4hou_main, anquanke_main, sec_wiki
from spider.freebuf import freebuf_main
from spider.xianzhi import xianzhi_main
from spider.sougou_wx import sougou_wx_main
from spider.github import github_main
from spider.github import github_main, load_github_config
from GotoSend.M_4hou import Src_4hou
from GotoSend.anquanke import Src_anquanke
from GotoSend.doonsec import Src_doonsec
@ -31,7 +31,20 @@ from GotoSend.github import Src_github
from config.check_config import get_core_config, get_debug_config, get_kewords_config
from loguru import logger
# 全局变量
webhook_url_once, timestamp_once, sign_once = gen_sign()
e_hour, time_choice, choice, fs_activate, wx_activate, ding_activate, lx_activate, url_web = get_core_config()
Sogou_WX, Doonsec_switch, Doonsec = get_kewords_config()
# print(f"当前配置信息Doonsec_switch{Doonsec_switch}")
if __name__ == "__main__":
logger.info("程序正在运行当中。")
# result_doonsec_long = Src_doonsec(False, Doonsec_switch, Doonsec)
# print(result_doonsec_long)
while True:
Sogou_WX, Doonsec_switch, Doonsec = get_kewords_config()
print(f"当前配置信息Doonsec_switch{Doonsec_switch}")
print(f"当前配置信息Sogou_WX{Sogou_WX}")
print(f"当前配置信息Doonsec{Doonsec}")
print("\n")
time.sleep(10)

View File

@ -196,7 +196,7 @@ def Src_doonsec(Is_short, Doonsec_switch, Doonsec):
return False
if __name__ == "__main__":
reslts = Src_doonsec(False, True, ["webshell", "2000", "POC", "SQL", "XSS", "CSRF", "漏洞"] )
reslts = Src_doonsec(False, False, ["webshell", "2000", "POC", "SQL", "XSS", "CSRF", "漏洞"] )
if reslts != False:
print(reslts)
else:

View File

@ -2,8 +2,9 @@
RSS订阅链接来源https://github.com/zhengjim/Chinese-Security-RSS <br>
使用python-json进行格式化然后使用飞书webhook机器人进行发送 <br>
./config/config.yaml 可指定发送渠道、运行方式等基础配置信息 <br>
./config/keywords.yaml 可指定关键词参数 <br>
./config/github_config.yaml 可指定Github相关参数 <br>
./config/keywords.yaml 可指定关键词参数(支持热修改) <br>
./config/github_config.yaml 可指定Github相关参数支持热修改 <br>
更新记录请查看./UpdateLOG.md
### 项目特色 <br>
- 模块化爬虫获取信息部分、分析对获取的json信息进行筛选分析存储、推送推送至各渠道、网页等各模块均可单独运行。 <br>

View File

@ -3,13 +3,13 @@
`已通过增加时间范围功能改善此问题,彻底解决需要重构代码`
- 钉钉/企业微信/蓝信webhook存在字节长度限制需要优化程序推送逻辑 <br>
`尽力改善中,彻底解决需重构代码`
- 首次运行时若抓取RSS源失败筛选模块无法获取json文件时会导致中断 <br>
`为项目添加一个初始json文件`
### 下一步计划(待完成) <br>
- 添加更多RSS订阅源持续进行中 <br>
- 更换筛选模块,由时段筛选改为历史记录筛选以确保不会有资讯漏报 <br>
- 添加更多推送方式,如邮件、微信等 <br>
- 添加GitHub等监测源参考github-cve-monitor <br>
- 添加Mysql作为数据库存储 <br>
- 添加百度搜索、谷歌搜索等更多相关检测源,后续将支持谷歌语法 <br>
### 下一步计划(已完成) <br>
- 将所有打印信息转为logging info并存档已完成<br>
@ -18,6 +18,11 @@
- 添加超时机制,防止程序异常卡死(已完成) <br>
- 存档所有推送文章方便以后查看(已完成) <br>
- 创建Web网页以展示最新推送info.masonliu.com已完成 <br>
- 更换筛选模块,由时段筛选改为历史记录筛选以确保不会有资讯漏报(筛选条件增加了时间筛选和是否已发送筛选) <br>
- 添加GitHub等监测源重构参考项目逻辑并上线 <br>
### 下一步计划(已作废) <br>
- 添加Mysql作为数据库存储现有sqlite已满足使用 <br>
### 更新日志
#### 从2024年12月15日开始记录
@ -30,4 +35,6 @@
- 2024年12月30日添加并完善了基于搜狗搜索的微信公众号文章监测 <br>
- 2024年12月30日晚为洞见微信资讯推送添加了关键词筛选 <br>
- 2025年01月02日更新并上线了Github项目监测功能readme后续更新中 <br>
- 2025年01月02日晚再次优化了文件结构提高可读性 <br>
- 2025年01月02日晚再次优化了文件结构提高可读性 <br>
- 2025年01月05日晚修复了doonsec相关配置的bug程序现已可正常运行 <br>
- 2025年01月06日更新了配置信息自动获取的逻辑添加关键词等现可在运行时添加重要配置信息config.yaml仍需暂停重新运行 <br>

View File

@ -17,7 +17,10 @@ def get_core_config():
# 加载参数
with open('./config/config.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file)
logger.debug(f"Loaded config: {config}") # 输出加载的配置
debug = f"{config['debug']}"
if debug == "True":
logger.debug("Debug mode is on")
logger.debug(f"Loaded config: {config}") # 输出加载的配置
time_choice = int(f"{config['time_mode']}")
choice = config['mode'] # 假设 mode 是一个列表
@ -67,7 +70,11 @@ def get_kewords_config():
with open('./config/keywords.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file)
Sogou_WX = config['Sogou-WX']
Doonsec_switch = f"{config['Doonsec-switch']}"
Doonsec_switch = config.get('Doonsec-switch', False)
Doonsec = config['Doonsec']
return Sogou_WX, Doonsec_switch, Doonsec
# print (Sogou_WX, Doonsec_switch, Doonsec)
return Sogou_WX, Doonsec_switch, Doonsec
if __name__ == "__main__":
get_kewords_config()

View File

@ -29,7 +29,7 @@ e_hour: 4 # 程序运行时间间隔
time_mode: 1
# 0定时运行模式仅在指定时间运行参照Core.py中设置
# 1启用循环一定间隔时间后运行
mode: [1, 2] # 运行模式,可多选
mode: [0] # 运行模式,可多选
# 0启用RSS抓取模式
# 1启用搜狗-微信公众号文章监测
# 2启用github项目监测
@ -38,4 +38,4 @@ mode: [1, 2] # 运行模式,可多选
url: https://info.masonliu.com/ # 请设置为您自己反代的域名,或者改为 http://127.0.0.1:5000 或者对应IP域名
# 调试模式
debug: True
debug: False

4
log/core.log Normal file
View File

@ -0,0 +1,4 @@
2025-01-06 00:28:38 - DEBUG - config.check_config:get_core_config:20 - Loaded config: {'fs_activate': True, 'fs_key': '202d7e51-9a46-422e-a035-863bc42bc459', 'fs_secret': 'eZaSCl5DSqtJyZ8QpJBDFh', 'wx_activate': False, 'wx_key': None, 'ding_activate': False, 'ding_key': None, 'lx_activate': False, 'lx_key': None, 'mail_host': 'smtp.masonliu.com', 'mail_user': 'test@masonliu.com', 'mail_pass': 'Test123456', 'sender': 'test@masonliu.com', 'receivers': ['2857911564@qq.com'], 'e_hour': 4, 'time_mode': 1, 'mode': [0], 'url': 'https://info.masonliu.com/', 'debug': True}
2025-01-06 00:29:41 - DEBUG - config.check_config:get_core_config:20 - Loaded config: {'fs_activate': True, 'fs_key': '202d7e51-9a46-422e-a035-863bc42bc459', 'fs_secret': 'eZaSCl5DSqtJyZ8QpJBDFh', 'wx_activate': False, 'wx_key': None, 'ding_activate': False, 'ding_key': None, 'lx_activate': False, 'lx_key': None, 'mail_host': 'smtp.masonliu.com', 'mail_user': 'test@masonliu.com', 'mail_pass': 'Test123456', 'sender': 'test@masonliu.com', 'receivers': ['2857911564@qq.com'], 'e_hour': 4, 'time_mode': 1, 'mode': [0], 'url': 'https://info.masonliu.com/', 'debug': True}
2025-01-06 00:33:10 - DEBUG - config.check_config:get_core_config:20 - Loaded config: {'fs_activate': True, 'fs_key': '202d7e51-9a46-422e-a035-863bc42bc459', 'fs_secret': 'eZaSCl5DSqtJyZ8QpJBDFh', 'wx_activate': False, 'wx_key': None, 'ding_activate': False, 'ding_key': None, 'lx_activate': False, 'lx_key': None, 'mail_host': 'smtp.masonliu.com', 'mail_user': 'test@masonliu.com', 'mail_pass': 'Test123456', 'sender': 'test@masonliu.com', 'receivers': ['2857911564@qq.com'], 'e_hour': 4, 'time_mode': 1, 'mode': [0], 'url': 'https://info.masonliu.com/', 'debug': True}
2025-01-06 00:33:15 - DEBUG - config.check_config:get_core_config:20 - Loaded config: {'fs_activate': True, 'fs_key': '202d7e51-9a46-422e-a035-863bc42bc459', 'fs_secret': 'eZaSCl5DSqtJyZ8QpJBDFh', 'wx_activate': False, 'wx_key': None, 'ding_activate': False, 'ding_key': None, 'lx_activate': False, 'lx_key': None, 'mail_host': 'smtp.masonliu.com', 'mail_user': 'test@masonliu.com', 'mail_pass': 'Test123456', 'sender': 'test@masonliu.com', 'receivers': ['2857911564@qq.com'], 'e_hour': 4, 'time_mode': 1, 'mode': [0], 'url': 'https://info.masonliu.com/', 'debug': True}

142
resources/JSON/4hou.json Normal file

File diff suppressed because one or more lines are too long

View File

@ -0,0 +1,162 @@
[
{
"guid": "https://www.anquanke.com/post/id/303249",
"title": "2025年数字安全十大趋势预测挑战、机遇、变革与战略布局",
"author": " 安全客",
"description": null,
"source": "微信",
"pubDate": "2025-01-03 11:28:51"
},
{
"guid": "https://www.anquanke.com/post/id/303246",
"title": "已打补丁但仍有漏洞 Windows BitLocker 加密再次被绕过",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2025-01-03 11:21:09"
},
{
"guid": "https://www.anquanke.com/post/id/303243",
"title": "CVE-2024-21182 针对严重 WebLogic 漏洞发布 PoC 漏洞利用代码",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2025-01-03 11:15:29"
},
{
"guid": "https://www.anquanke.com/post/id/303240",
"title": "日本最大移动运营商称网络攻击中断了部分服务",
"author": " 安全客",
"description": null,
"source": "therecord",
"pubDate": "2025-01-03 11:02:09"
},
{
"guid": "https://www.anquanke.com/post/id/303236",
"title": "新的 DoubleClickjacking 攻击利用双击来劫持帐户",
"author": " 安全客",
"description": null,
"source": "bleepingcomputer",
"pubDate": "2025-01-03 10:53:02"
},
{
"guid": "https://www.anquanke.com/post/id/303233",
"title": "揭开虚假人气的面纱: 研究揭露 GitHub 上的 450 万颗假星",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2025-01-03 10:41:42"
},
{
"guid": "https://www.anquanke.com/post/id/303230",
"title": "苹果公司将支付 9500 万美元解决 Siri 隐私诉讼",
"author": " 安全客",
"description": null,
"source": "therecord",
"pubDate": "2025-01-03 10:29:54"
},
{
"guid": "https://www.anquanke.com/post/id/303227",
"title": "跨域攻击: 现代安全面临的日益严重的威胁以及如何应对这些威胁",
"author": " 安全客",
"description": null,
"source": "TheHackersNews",
"pubDate": "2025-01-03 10:21:30"
},
{
"guid": "https://www.anquanke.com/post/id/303224",
"title": "假冒 7-Zip 漏洞代码源于人工智能生成的误解",
"author": " 安全客",
"description": null,
"source": "hackread",
"pubDate": "2025-01-03 10:12:25"
},
{
"guid": "https://www.anquanke.com/post/id/303221",
"title": "官员警告:黑客泄露了罗德岛州勒索软件攻击的数据",
"author": " 安全客",
"description": null,
"source": "cybersecuritydive",
"pubDate": "2025-01-03 10:04:05"
},
{
"guid": "https://www.anquanke.com/post/id/303208",
"title": "2024年度盘点之漏洞威胁AI技术降低漏洞利用门槛网络边缘设备成重灾区",
"author": " 安全客",
"description": null,
"source": "微信",
"pubDate": "2025-01-02 16:51:55"
},
{
"guid": "https://www.anquanke.com/post/id/303205",
"title": "66,000 台 DrayTek 网关存在远程命令注入漏洞 (CVE-2024-12987),已发布 PoC",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2025-01-02 16:41:12"
},
{
"guid": "https://www.anquanke.com/post/id/303202",
"title": "D-Link 就易受僵尸网络攻击的报废路由器发出警告",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2025-01-02 16:35:11"
},
{
"guid": "https://www.anquanke.com/post/id/303199",
"title": "CVE-2024-12108 (CVSS 9.6) Progress WhatsUp Gold ",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2025-01-02 16:27:46"
},
{
"guid": "https://www.anquanke.com/post/id/303196",
"title": "针对 Windows 零点击漏洞 CVE-2024-49112 发布 PoC 漏洞利用程序",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2025-01-02 16:20:29"
},
{
"guid": "https://www.anquanke.com/post/id/303193",
"title": "拟议更新HIPAA安全规则授权以在72小时内恢复某些相关电子信息系统和数据的丢失",
"author": " 安全客",
"description": null,
"source": "securityaffairs",
"pubDate": "2025-01-02 15:15:33"
},
{
"guid": "https://www.anquanke.com/post/id/303187",
"title": "新的 “双重点击劫持 ”漏洞绕过了主要网站的点击劫持保护措施",
"author": " 安全客",
"description": null,
"source": "TheHackersNews",
"pubDate": "2025-01-02 14:53:40"
},
{
"guid": "https://www.anquanke.com/post/id/303182",
"title": "新的 IOCONTROL 恶意软件用于关键基础设施攻击",
"author": " 安全客",
"description": null,
"source": "嘶吼",
"pubDate": "2025-01-02 14:44:44"
},
{
"guid": "https://www.anquanke.com/post/id/303179",
"title": "2025 年医疗保健网络监管和立法前景如何?",
"author": " 安全客",
"description": null,
"source": "govinfosecurity",
"pubDate": "2025-01-02 14:27:41"
},
{
"guid": "https://www.anquanke.com/post/id/303176",
"title": "FortiGuard Labs 将新的 EC2 Grouper 黑客与 AWS 凭证漏洞联系起来",
"author": " 安全客",
"description": null,
"source": "hackread",
"pubDate": "2025-01-02 14:19:55"
}
]

1602
resources/JSON/doonsec.json Normal file

File diff suppressed because it is too large Load Diff

161
resources/JSON/freebuf.json Normal file
View File

@ -0,0 +1,161 @@
[
{
"title": "【全球首发】【6w$赏金】微软身份漏洞-未授权强制解绑任意微软账户邮箱",
"link": "https://www.freebuf.com/vuls/419097.html",
"description": "网络安全并不是我的最终梦想职业,只是梦想职业的其中一个技能点。",
"body": "<h2 id=\"h2-1\">致谢</h2><p>我是Feng Jiaming公开别名 Sugobet/M1n9K1n9来自中国广东工贸职业技术学院的在校学生。</p><p>I'm Feng Jiaming, my public alias Sugobet/M1n9K1n9, a student from Guangdong Polytechnic of Industry and Commerc",
"category": "漏洞",
"pubDate": "Sun, 05 Jan 2025 13:35:19 +0800"
},
{
"title": "都在给网安泼冷水,我来给网安泼盆开水",
"link": "https://www.freebuf.com/articles/neopoints/419094.html",
"description": "契机今天看到一篇文章契机今天看到一篇文章让我有了估算大黑阔赚钱能力的灵感。给网安行业泼盆开水!",
"body": "<h2 id=\"h2-1\"><strong>契机</strong></h2><p style=\"text-align:center;\">今天看到一篇文章让我有了估算大黑阔赚钱能力的灵感。给网安行业泼盆开水!<br /><img src=\"https://image.3001.net/images/20250105/1736053407_677a129f75ed5e9a02268.png!small",
"category": "观点",
"pubDate": "Sun, 05 Jan 2025 13:14:47 +0800"
},
{
"title": "盘点万亿市值的Palantir在2024年拿下的至少87亿的美军合同都是啥",
"link": "https://www.freebuf.com/articles/neopoints/419073.html",
"description": "仅2024年一年该公司与美国军方的合同额就高达12亿美元约合人民币87.8亿元)。",
"body": "<p style=\"text-align:center;\">近日美国科技公司Palantir宣布美国陆军已授予Palantir一份价值4.007亿美元约合人民币29亿元的合同。近年来Palantir持续获得美国军方的青睐公开信息显示仅2024年一年该公司与美国军方的合同额就高达12亿美元约合人民币87.8亿元。目前Palantir的大部分收入都来自于美国政府和军事部门。<br",
"category": "观点",
"pubDate": "Sat, 04 Jan 2025 14:01:04 +0800"
},
{
"title": "一周网安优质PDF资源推荐丨FreeBuf知识大陆",
"link": "https://www.freebuf.com/articles/419042.html",
"description": "我们精选了本周知识大陆公开发布的10条优质资源让我们一起看看吧。",
"body": "<p>各位读者周末好以下是本周「FreeBuf知识大陆一周优质资源推荐」我们精选了本周知识大陆公开发布的10条优质资源让我们一起看看吧。</p><p><img src=\"https://image.3001.net/images/20250103/1735891639_67779ab73e8d0be0fdbae.png!small\" alt=\"\" /></p><h2 id=\"h2-1\">笔记",
"pubDate": "Fri, 03 Jan 2025 16:22:28 +0800"
},
{
"title": "FreeBuf周报 | 超过300万台未加密的邮件服务器暴露WPA3协议存在安全漏洞",
"link": "https://www.freebuf.com/news/419036.html",
"description": "总结推荐本周的热点资讯、安全事件、一周好文和省心工具,保证大家不错过本周的每一个重点!",
"body": "<p>各位 Buffer 周末好以下是本周「FreeBuf周报」我们总结推荐了本周的热点资讯、安全事件、一周好文和省心工具保证大家不错过本周的每一个重点<img style=\"border-width:0px;line-height:inherit;max-width:635px;height:auto;\" src=\"https://image.3001.net/images/202209",
"category": "资讯",
"pubDate": "Fri, 03 Jan 2025 15:56:46 +0800"
},
{
"title": "Agneyastra一款Firebase 错误配置检测工具包",
"link": "https://www.freebuf.com/sectool/419006.html",
"description": "Agneyastra是一款功能强大的错误配置检测工具可以帮助广大研究人员更好地保障Firebase平台的安全。",
"body": "<h2 id=\"h2-1\">关于Agneyastra</h2><p>Agneyastra是一款功能强大的错误配置检测工具该工具主要针对的是Firebase平台可以帮助广大研究人员更好地保障Firebase平台的安全。</p><p><img src=\"https://image.3001.net/images/20250103/1735881390_677772aecfdd43a52c23b.p",
"category": "工具",
"pubDate": "Fri, 03 Jan 2025 13:21:19 +0800"
},
{
"title": "Exposor一款基于互联网搜索引擎实现的统一语法网络侦查工具",
"link": "https://www.freebuf.com/sectool/419004.html",
"description": "Exposor是一款功能强大的网络侦查工具支持广大研究人员使用统一语法来检测网络中的安全威胁。",
"body": "<h2 id=\"h2-1\">关于Exposor</h2><p>Exposor是一款功能强大的网络侦查工具该工具基于互联网搜索引擎实现其功能支持广大研究人员使用统一语法来检测网络中的安全威胁。</p><p><img src=\"https://image.3001.net/images/20250103/1735880146_67776dd204e38df0c1826.png!small\" wid",
"category": "工具",
"pubDate": "Fri, 03 Jan 2025 12:58:29 +0800"
},
{
"title": "日本最大的移动运营商因DDoS攻击导致服务中断",
"link": "https://www.freebuf.com/news/418992.html",
"description": "NTT Docomo当地时间1月2日表示一次DDoS网络攻击导致运营中断网站和一些服务在宕机大半天后才逐渐恢复。",
"body": "<p>日本最大的移动运营商 NTT Docomo Inc. 当地时间1月2日表示一次分布式拒绝服务 DDoS 网络攻击导致运营中断,网站和一些服务在宕机大半天后才逐渐恢复。</p><p><img src=\"https://image.3001.net/images/20250103/1735874913_677759613048fcfd644c0.png!small\" width=\"690\"",
"category": "资讯",
"pubDate": "Fri, 03 Jan 2025 11:26:47 +0800"
},
{
"title": "用户集体起诉Siri“偷听”",
"link": "https://www.freebuf.com/news/418989.html",
"description": "苹果公司同意支付9500万美元现金以和解一项拟议的集体诉讼该诉讼声称其Siri语音助手侵犯了用户的隐私。",
"body": "<p>1月3日消息科技巨头苹果公司同意支付9500万美元现金以和解一项拟议的集体诉讼该诉讼声称其Siri语音助手侵犯了用户的隐私。这份和解协议涵盖了2014年9月17日至2024年12月31日期间使用Siri的美国用户涉及数千万人。</p><p>每位参与诉讼的用户最多可为5台Siri设备申请赔偿每台设备最高可获得20美元。此外苹果公司需在六个月内永久删除2019年10月前收集的Siri",
"category": "资讯",
"pubDate": "Fri, 03 Jan 2025 11:17:16 +0800"
},
{
"title": "黑客滥用AWS泄露的信息进行云狩猎",
"link": "https://www.freebuf.com/news/418985.html",
"description": "名为“EC2 Grouper”的黑客组织近年来一直在利用AWS工具以及泄露的凭证对云环境展开狩猎型攻击。",
"body": "<p>名为“EC2 Grouper”的黑客组织近年来一直在利用AWS工具以及泄露的凭证对云环境展开狩猎型攻击。在过去的数年里这个相当活跃的威胁行为主体在数十个客户环境中被发现这使其成为网络安全专家追踪的最活跃的组织之一。</p><p><img src=\"https://image.3001.net/images/20250103/1735874034_677755f204ca51a03dc1",
"category": "资讯",
"pubDate": "Fri, 03 Jan 2025 11:10:50 +0800"
},
{
"title": "超过300万台未加密的邮件服务器暴露",
"link": "https://www.freebuf.com/news/418975.html",
"description": "超过300万台未启用TLS加密的POP3和IMAP邮件服务器暴露在互联网上容易受到网络嗅探攻击。",
"body": "<p>目前超过300万台未启用TLS加密的POP3和IMAP邮件服务器暴露在互联网上容易受到网络嗅探攻击。</p><p>IMAP和POP3是访问邮件服务器上邮件的两种方式。IMAP适用于从多个设备如手机和笔记本电脑查看邮件因为它会将邮件保留在服务器上并在设备间同步。而POP3则会将邮件从服务器下载使其仅能从下载的设备访问。</p><p><img src=\"https://image.3",
"category": "资讯",
"pubDate": "Fri, 03 Jan 2025 10:22:53 +0800"
},
{
"title": "CertiK Hack3D Web3.0 年度安全报告2024",
"link": "https://www.freebuf.com/articles/paper/418966.html",
"description": "2024年Web3.0领域因安全事件导致的总损失超过23.63亿美元同比增幅达31.61%。全年共发生760起安全事件其中网络钓鱼和私钥泄露是两大主要攻击手段。",
"body": "<p><img src=\"https://image.3001.net/images/20250102/1735830965_6776adb5bccea4626f7a7.jpg!small\" alt=\"2024Web3.0 安全年度报告 (1).jpg\" /></p><h1><strong>摘要</strong></h1><ul><li><p>2024年Web3.0行业共发生760起链上安全事件",
"category": "安全报告",
"pubDate": "Thu, 02 Jan 2025 23:16:05 +0800"
},
{
"title": "shiro-core 框架分析",
"link": "https://www.freebuf.com/articles/web/413356.html",
"description": "shiro-core 框架分析",
"body": "<h1>shiro-core</h1><p>本篇文章只阐述最核心内容从整体描述shiro-core目的是能在研究shiro的漏洞时有一个全局观因此不可能涉及全部细节。</p><ul><li><p><a href=\"https://shiro.apache.org/introduction.html\">Introduction to Apache Shiro | Apache Shiro</a",
"category": "Web安全",
"pubDate": "Thu, 02 Jan 2025 20:40:16 +0800"
},
{
"title": "FreeBuf早报 | 作者辟谣7-Zip存零日漏洞法国多地网站遭遇黑客攻击",
"link": "https://www.freebuf.com/news/418936.html",
"description": "12月31日法国多个城镇和省份的网站无法访问。此前一个黑客团体声称发动网络攻击以报复法国支持乌克兰。",
"body": "<h2 id=\"h2-1\">全球动态</h2><h3 id=\"h3-1\">1. 美财政部称遭到“中国政府支持的黑客”攻击,中方回应</h3><p>中方一贯反对各种形式的黑客攻击,更反对出于政治目的散布针对中国的虚假信息。 【<a href=\"http://usa.people.com.cn/n1/2025/0102/c241376-40394097.html\"><u>阅读原文</u></a>】</",
"category": "资讯",
"pubDate": "Thu, 02 Jan 2025 15:45:09 +0800"
},
{
"title": "分享OAuth2.0原理及漏洞挖掘技巧案例分析",
"link": "https://www.freebuf.com/vuls/418923.html",
"description": "这篇文章主要是从一个简单的案例来开头然后后面讲OAuth2.0原理以及相关的一些相关知识。",
"body": "<h2 id=\"h2-1\">0x1 前言</h2><h3 id=\"h3-1\">一、浅谈</h3><p>不知道师傅们平常有没有碰到就是在登录比如说百度时,登录页面有需要使用一段第三方社交媒体的账户(QQ、微博、微信)登录的情况而这种大多数都是使用OAuth 2.0框架构建的。</p><p>然而再挖掘SRC的过程中在听别的师傅讲课听到关于这方面的只是这次特地来学习OAuth2.0原理及漏洞挖掘技",
"category": "漏洞",
"pubDate": "Thu, 02 Jan 2025 13:40:21 +0800"
},
{
"title": "新的“DoubleClickjacking”漏洞可绕过网站的劫持保护",
"link": "https://www.freebuf.com/news/418913.html",
"description": "该漏洞通过利用双击操作来推动点击劫持攻击及账户接管,几乎波及所有大型网站。",
"body": "<p>安全专家揭示了一种新型的“普遍存在的基于时间的漏洞”该漏洞通过利用双击操作来推动点击劫持攻击及账户接管几乎波及所有大型网站。这一技术已被安全研究员Paulos Yibelo命名为“DoubleClickjacking”。</p><p><img src=\"https://image.3001.net/images/20250102/1735789931_67760d6b5512ab30e8",
"category": "资讯",
"pubDate": "Thu, 02 Jan 2025 11:46:14 +0800"
},
{
"title": "至少35个Chrome扩展被劫持新细节揭示了黑客的攻击手法",
"link": "https://www.freebuf.com/news/418912.html",
"description": "近期黑客针对多个Chrome扩展程序进行了攻击数十万用户受到影响。随着调查的深入一些攻击活动细节也得到了披露。",
"body": "<p>据BleepingComputer消息近期黑客针对多个Chrome扩展程序进行了攻击数十万用户受到影响。随着调查的深入一些攻击活动细节也得到了披露。</p><p>根据最新调查,攻击导致至少 35 个扩展程序被植入数据窃取代码,较之前的初步怀疑数量直接翻倍,其中包括来自网络安全公司 Cyberhaven 的扩展。尽管最初的报道集中在 Cyberhaven 的安全扩展上,但随后的调查显示",
"category": "资讯",
"pubDate": "Thu, 02 Jan 2025 11:41:04 +0800"
},
{
"title": "Windows 曝9.8分漏洞已有PoC及利用情况",
"link": "https://www.freebuf.com/news/418909.html",
"description": "CVE - 2024 - 49112属于远程代码执行RCE漏洞会对包括域控制器DC在内的Windows服务器产生影响。",
"body": "<p>SafeBreach Labs的研究人员发布了关于Windows轻量级目录访问协议LDAP的一个关键漏洞的概念验证PoC和漏洞利用方法该漏洞编号为CVE - 2024 - 49112。微软在2024年12月10日的补丁星期二更新中披露了此漏洞其CVSS严重性评分高达9.8。</p><p>CVE - 2024 - 49112属于远程代码执行RCE漏洞会对包括域控制器DC在",
"category": "资讯",
"pubDate": "Thu, 02 Jan 2025 11:29:58 +0800"
},
{
"title": "记一次CNVD证书的挖掘方式",
"link": "https://www.freebuf.com/articles/web/418887.html",
"description": "越权漏洞,用户能够修改或访问其他用户(包括管理员)的数据或权限。",
"body": "<h2 id=\"h2-1\">漏洞挖掘背景</h2><p>在Fofa上随便逛逛 突然看到了某某系统 好奇就点了进去</p><h2 id=\"h2-2\">漏洞发现与利用步骤</h2><p><img src=\"https://image.3001.net/images/20250101/1735726269_677514bde6b4ee044cf72.png!small?1735726271056\" al",
"category": "Web安全",
"pubDate": "Wed, 01 Jan 2025 18:33:17 +0800"
},
{
"title": "漏洞分析 | Apache Struts文件上传漏洞CVE-2024-53677",
"link": "https://www.freebuf.com/vuls/418881.html",
"description": "目前该漏洞POC状态已在互联网公开",
"body": "<h2 id=\"h2-1\">漏洞概述</h2><p>Apache Struts是美国阿帕奇Apache基金会的一个开源项目是一套用于创建企业级Java Web应用的开源MVC框架。</p><p>近期网宿安全演武实验室监测到Apache Struts在特定条件下存在文件上传漏洞网宿评分高危、CVSS 3.0 评分8.1</p><p>攻击者可以操纵文件上传参数来实现路径遍历,在某些",
"category": "漏洞",
"pubDate": "Tue, 31 Dec 2024 19:47:46 +0800"
}
]

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,68 @@
[
{
"link": "https://github.com/BeichenDream/Godzilla/releases/tag/v4.0.1-godzilla",
"published_at": "2021-11-01T08:54:13Z",
"author": "BeichenDream",
"keyword": "BeichenDream/Godzilla"
},
{
"link": "https://github.com/rebeyond/Behinder/releases/tag/Behinder_v4.1%E3%80%90t00ls%E4%B8%93%E7%89%88%E3%80%91",
"published_at": "2023-08-24T11:31:46Z",
"author": "rebeyond",
"keyword": "rebeyond/Behinder"
},
{
"link": "https://github.com/AntSwordProject/antSword/releases/tag/2.1.15",
"published_at": "2022-07-17T05:52:54Z",
"author": "Medicean",
"keyword": "AntSwordProject/antSword"
},
{
"link": "https://github.com/gentilkiwi/mimikatz/releases/tag/2.2.0-20220919",
"published_at": "2022-09-19T15:55:03Z",
"author": "gentilkiwi",
"keyword": "gentilkiwi/mimikatz"
},
{
"link": "https://github.com/ehang-io/nps/releases/tag/v0.26.10",
"published_at": "2021-04-08T06:32:17Z",
"author": "ffdfgdfg",
"keyword": "ehang-io/nps"
},
{
"link": "https://github.com/chaitin/xray/releases/tag/xpoc-0.1.0",
"published_at": "2024-07-19T11:12:29Z",
"author": "Jarcis-cy",
"keyword": "chaitin/xray"
},
{
"link": "https://github.com/FunnyWolf/pystinger/releases/tag/v1.6",
"published_at": "2021-03-30T13:47:07Z",
"author": "FunnyWolf",
"keyword": "FunnyWolf/pystinger"
},
{
"link": "https://github.com/L-codes/Neo-reGeorg/releases/tag/v5.2.0",
"published_at": "2024-01-16T06:39:11Z",
"author": "L-codes",
"keyword": "L-codes/Neo-reGeorg"
},
{
"link": "https://github.com/shadow1ng/fscan/releases/tag/2.0.0-build1",
"published_at": "2024-12-19T15:11:24Z",
"author": "shadow1ng",
"keyword": "shadow1ng/fscan"
},
{
"link": "https://github.com/SafeGroceryStore/MDUT/releases/tag/v2.1.1",
"published_at": "2022-06-22T13:11:44Z",
"author": "Ch1ngg",
"keyword": "SafeGroceryStore/MDUT"
},
{
"link": "https://github.com/wy876/POC/releases/tag/POC20241228",
"published_at": "2024-12-29T09:00:56Z",
"author": "wy876",
"keyword": "wy876/POC"
}
]

View File

@ -0,0 +1,119 @@
[
{
"link": "https://api.github.com/BeichenDream/Godzilla",
"name": "BeichenDream/Godzilla",
"updated_at": "2023-03-07T07:33:10Z",
"description": "Update README.md",
"author": "beichen",
"link_2": "https://github.com/BeichenDream/Godzilla/commit/a5558e6c37139ebb0b7b4491dc3ea7ce8d8f9e49",
"keyword": "BeichenDream/Godzilla"
},
{
"link": "https://api.github.com/rebeyond/Behinder",
"name": "rebeyond/Behinder",
"updated_at": "2023-08-15T14:28:52Z",
"description": "Create SECURITY.md",
"author": "rebeyond",
"link_2": "https://github.com/rebeyond/Behinder/commit/2e2817ae70462a02281c8d96d4cd44c19e5c55b0",
"keyword": "rebeyond/Behinder"
},
{
"link": "https://api.github.com/AntSwordProject/antSword",
"name": "AntSwordProject/antSword",
"updated_at": "2023-07-15T02:53:39Z",
"description": "(Fix: Modules/Database) 修正 PHP4 类型数据管理模块打不开的问题",
"author": "Medicean",
"link_2": "https://github.com/AntSwordProject/antSword/commit/6112ab2c3f6dceda68421cf02ca2dc43a940a01f",
"keyword": "AntSwordProject/antSword"
},
{
"link": "https://api.github.com/yhy0/github-cve-monitor",
"name": "yhy0/github-cve-monitor",
"updated_at": "2023-02-14T07:02:19Z",
"description": "修复黑名单,之前搞成没三分钟清零了,抱歉",
"author": "yhy",
"link_2": "https://github.com/yhy0/github-cve-monitor/commit/570b0645f8f51706d984ff9ba97e0a79d733bf66",
"keyword": "yhy0/github-cve-monitor"
},
{
"link": "https://api.github.com/gentilkiwi/mimikatz",
"name": "gentilkiwi/mimikatz",
"updated_at": "2024-01-05T09:06:47Z",
"description": "Merge pull request #439 from chunhualiu/master\n\n[change] Convert pointer to DWORD_PTR first to eliminate compile warning",
"author": "Benjamin DELPY",
"link_2": "https://github.com/gentilkiwi/mimikatz/commit/0c611b1445b22327fcc7defab2c09b63b4f59804",
"keyword": "gentilkiwi/mimikatz"
},
{
"link": "https://api.github.com/ehang-io/nps",
"name": "ehang-io/nps",
"updated_at": "2021-10-09T07:18:41Z",
"description": "Merge pull request #866 from freeoa/master\n\nadd build to apple silicon(M1)",
"author": "he liu",
"link_2": "https://github.com/ehang-io/nps/commit/ab648d6f0c618c690a7a79948a7ebd686e1cdafc",
"keyword": "ehang-io/nps"
},
{
"link": "https://api.github.com/chaitin/xray",
"name": "chaitin/xray",
"updated_at": "2024-08-16T07:18:55Z",
"description": "[add] 更新客服信息",
"author": "Jarcis-cy",
"link_2": "https://github.com/chaitin/xray/commit/aee9f9cecc3d49a1842a33c38b96af35a7d90168",
"keyword": "chaitin/xray"
},
{
"link": "https://api.github.com/FunnyWolf/pystinger",
"name": "FunnyWolf/pystinger",
"updated_at": "2021-09-29T13:13:36Z",
"description": "Optimize code execution process",
"author": "FunnyWolf",
"link_2": "https://github.com/FunnyWolf/pystinger/commit/8502983a6ae24f99c1ec8a8310f61eda4ed31684",
"keyword": "FunnyWolf/pystinger"
},
{
"link": "https://api.github.com/L-codes/Neo-reGeorg",
"name": "L-codes/Neo-reGeorg",
"updated_at": "2024-09-23T09:12:45Z",
"description": "fix #100",
"author": "L",
"link_2": "https://github.com/L-codes/Neo-reGeorg/commit/9945dce310de26ac7c0c90054584aeef89c58d07",
"keyword": "L-codes/Neo-reGeorg"
},
{
"link": "https://api.github.com/shadow1ng/fscan",
"name": "shadow1ng/fscan",
"updated_at": "2024-12-19T15:09:06Z",
"description": "Update release.yml",
"author": "影舞者",
"link_2": "https://github.com/shadow1ng/fscan/commit/9ee51a96d8a22342feeef6ae2211e500a65c3917",
"keyword": "shadow1ng/fscan"
},
{
"link": "https://api.github.com/SafeGroceryStore/MDUT",
"name": "SafeGroceryStore/MDUT",
"updated_at": "2023-09-22T04:28:28Z",
"description": "Update ShellUtil.java",
"author": "金枪银矛小霸王",
"link_2": "https://github.com/SafeGroceryStore/MDUT/commit/d9af1b1c645cc309787a45ad833d645123855f91",
"keyword": "SafeGroceryStore/MDUT"
},
{
"link": "https://api.github.com/Vme18000yuan/FreePOC",
"name": "Vme18000yuan/FreePOC",
"updated_at": "2024-07-02T13:28:19Z",
"description": "Add files via upload",
"author": "Vme18000yuan",
"link_2": "https://github.com/Vme18000yuan/FreePOC/commit/7511d7967781b5ae770c62b52a4c3c2930d19a79",
"keyword": "Vme18000yuan/FreePOC"
},
{
"link": "https://api.github.com/wy876/POC",
"name": "wy876/POC",
"updated_at": "2025-01-04T06:15:34Z",
"description": "README.md",
"author": "wy876",
"link_2": "https://github.com/wy876/POC/commit/d6a2a1e8cfb5db7059511fe5b02745327bd25efe",
"keyword": "wy876/POC"
}
]

View File

@ -0,0 +1,605 @@
[
{
"link": "https://github.com/su18/woodpecker-plugin-template",
"name": "woodpecker-plugin-template",
"created_at": "2024-12-13T08:47:27Z",
"description": "woodpecker-plugin-template",
"author": "su18",
"language": null,
"keyword": "su18"
},
{
"link": "https://github.com/su18/closure-compiler",
"name": "closure-compiler",
"created_at": "2024-12-08T05:13:17Z",
"description": "A JavaScript checker and optimizer.",
"author": "su18",
"language": "Java",
"keyword": "su18"
},
{
"link": "https://github.com/su18/CVE-2022-25845-In-Spring",
"name": "CVE-2022-25845-In-Spring",
"created_at": "2024-11-08T08:24:12Z",
"description": "CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!",
"author": "su18",
"language": null,
"keyword": "su18"
},
{
"link": "https://github.com/su18/CTF-NetA",
"name": "CTF-NetA",
"created_at": "2024-10-09T07:46:31Z",
"description": "CTF-NetA是一款专门针对CTF比赛的网络流量分析工具可以对常见的网络流量进行分析快速自动获取flag。",
"author": "su18",
"language": null,
"keyword": "su18"
},
{
"link": "https://github.com/su18/jattach",
"name": "jattach",
"created_at": "2024-06-20T08:32:52Z",
"description": "JVM Dynamic Attach utility",
"author": "su18",
"language": null,
"keyword": "su18"
},
{
"link": "https://github.com/su18/java-memshell-generator",
"name": "java-memshell-generator",
"created_at": "2024-06-03T03:05:00Z",
"description": "一款支持高度自定义的 Java 内存马生成工具",
"author": "su18",
"language": null,
"keyword": "su18"
},
{
"link": "https://github.com/su18/ISC2022Code",
"name": "ISC2022Code",
"created_at": "2024-05-16T11:02:28Z",
"description": null,
"author": "su18",
"language": null,
"keyword": "su18"
},
{
"link": "https://github.com/su18/playframework",
"name": "playframework",
"created_at": "2024-04-10T09:35:50Z",
"description": "The Community Maintained High Velocity Web Framework For Java and Scala.",
"author": "su18",
"language": null,
"keyword": "su18"
},
{
"link": "https://github.com/su18/ChatGPT-Next-Web",
"name": "ChatGPT-Next-Web",
"created_at": "2024-04-10T03:18:11Z",
"description": "A cross-platform ChatGPT/Gemini UI (Web / PWA / Linux / Win / MacOS). 一键拥有你自己的跨平台 ChatGPT/Gemini 应用。",
"author": "su18",
"language": null,
"keyword": "su18"
},
{
"link": "https://github.com/su18/agentcrack",
"name": "agentcrack",
"created_at": "2023-11-28T04:39:41Z",
"description": "不那么一样的 Java Agent 内存马",
"author": "su18",
"language": null,
"keyword": "su18"
},
{
"link": "https://github.com/BeichenDream/EfsPotato",
"name": "EfsPotato",
"created_at": "2023-03-07T06:59:27Z",
"description": "Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).",
"author": "BeichenDream",
"language": "C#",
"keyword": "BeichenDream"
},
{
"link": "https://github.com/BeichenDream/GodzillaPayload",
"name": "GodzillaPayload",
"created_at": "2023-02-14T09:38:20Z",
"description": null,
"author": "BeichenDream",
"language": null,
"keyword": "BeichenDream"
},
{
"link": "https://github.com/BeichenDream/SharpTinyArgParser",
"name": "SharpTinyArgParser",
"created_at": "2022-12-27T08:05:38Z",
"description": null,
"author": "BeichenDream",
"language": "C#",
"keyword": "BeichenDream"
},
{
"link": "https://github.com/BeichenDream/GodPotato",
"name": "GodPotato",
"created_at": "2022-12-23T14:37:00Z",
"description": null,
"author": "BeichenDream",
"language": "C#",
"keyword": "BeichenDream"
},
{
"link": "https://github.com/BeichenDream/JDR",
"name": "JDR",
"created_at": "2022-12-05T10:55:58Z",
"description": null,
"author": "BeichenDream",
"language": "Java",
"keyword": "BeichenDream"
},
{
"link": "https://github.com/BeichenDream/PrintNotifyPotato",
"name": "PrintNotifyPotato",
"created_at": "2022-12-02T06:21:02Z",
"description": "PrintNotifyPotato",
"author": "BeichenDream",
"language": "C#",
"keyword": "BeichenDream"
},
{
"link": "https://github.com/BeichenDream/HackBrowserData",
"name": "HackBrowserData",
"created_at": "2022-11-28T15:15:33Z",
"description": "Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。",
"author": "BeichenDream",
"language": "Go",
"keyword": "BeichenDream"
},
{
"link": "https://github.com/BeichenDream/GodzillaMemoryShellProject.NET",
"name": "GodzillaMemoryShellProject.NET",
"created_at": "2022-11-26T14:41:38Z",
"description": null,
"author": "BeichenDream",
"language": "C#",
"keyword": "BeichenDream"
},
{
"link": "https://github.com/BeichenDream/ISC2022Code",
"name": "ISC2022Code",
"created_at": "2022-08-02T06:06:34Z",
"description": null,
"author": "BeichenDream",
"language": "Java",
"keyword": "BeichenDream"
},
{
"link": "https://github.com/BeichenDream/GodzillaMemoryShellProject",
"name": "GodzillaMemoryShellProject",
"created_at": "2022-07-14T17:34:48Z",
"description": null,
"author": "BeichenDream",
"language": "Java",
"keyword": "BeichenDream"
},
{
"link": "https://github.com/phith0n/conote-docs",
"name": "conote-docs",
"created_at": "2024-10-01T02:03:22Z",
"description": "redirect to https://conote.vulhub.org",
"author": "phith0n",
"language": "HTML",
"keyword": "phith0n"
},
{
"link": "https://github.com/phith0n/tls_proxy",
"name": "tls_proxy",
"created_at": "2024-08-16T13:34:29Z",
"description": "A lightweight reverse proxy server that converts TLS traffic to TCP, allowing secure communication between clients and upstream servers.",
"author": "phith0n",
"language": "Go",
"keyword": "phith0n"
},
{
"link": "https://github.com/phith0n/conote",
"name": "conote",
"created_at": "2024-08-11T18:30:09Z",
"description": "All in one cybersecurity utility platform.",
"author": "phith0n",
"language": "JavaScript",
"keyword": "phith0n"
},
{
"link": "https://github.com/phith0n/go_sampler",
"name": "go_sampler",
"created_at": "2023-11-24T10:06:01Z",
"description": "A sample for Go project",
"author": "phith0n",
"language": "Go",
"keyword": "phith0n"
},
{
"link": "https://github.com/phith0n/lo",
"name": "lo",
"created_at": "2023-11-22T11:34:35Z",
"description": "💥 A Lodash-style Go library based on Go 1.18+ Generics (map, filter, contains, find...)",
"author": "phith0n",
"language": null,
"keyword": "phith0n"
},
{
"link": "https://github.com/phith0n/vueinfo",
"name": "vueinfo",
"created_at": "2023-08-28T10:55:48Z",
"description": "Extract website information from Vue",
"author": "phith0n",
"language": "JavaScript",
"keyword": "phith0n"
},
{
"link": "https://github.com/phith0n/goattribute",
"name": "goattribute",
"created_at": "2023-05-03T18:42:11Z",
"description": "goattribute is a lightweight Go library that allows you to set (and get) attributes of a struct dynamically, using dot notation (e.g., `a.b.c`).",
"author": "phith0n",
"language": "Go",
"keyword": "phith0n"
},
{
"link": "https://github.com/phith0n/vue3-cookiecutter",
"name": "vue3-cookiecutter",
"created_at": "2023-03-23T16:35:05Z",
"description": "template for vue3 + vite",
"author": "phith0n",
"language": "SCSS",
"keyword": "phith0n"
},
{
"link": "https://github.com/phith0n/race-condition-playground",
"name": "race-condition-playground",
"created_at": "2023-03-18T11:38:13Z",
"description": "Playground for Race Condition attack",
"author": "phith0n",
"language": "Python",
"keyword": "phith0n"
},
{
"link": "https://github.com/phith0n/gin",
"name": "gin",
"created_at": "2022-12-24T19:46:06Z",
"description": "Gin is a HTTP web framework written in Go (Golang). It features a Martini-like API with much better performance -- up to 40 times faster. If you need smashing performance, get yourself some Gin.",
"author": "phith0n",
"language": null,
"keyword": "phith0n"
},
{
"link": "https://github.com/zhzyker/microwaveo",
"name": "microwaveo",
"created_at": "2023-11-02T01:47:22Z",
"description": "将dll exe 等转成shellcode 最后输出exe 可定制加载器模板 支持白文件的捆绑 shellcode 加密",
"author": "zhzyker",
"language": null,
"keyword": "zhzyker"
},
{
"link": "https://github.com/zhzyker/Dict",
"name": "Dict",
"created_at": "2023-09-12T05:16:27Z",
"description": "一些弱口令、fuzz字典",
"author": "zhzyker",
"language": null,
"keyword": "zhzyker"
},
{
"link": "https://github.com/zhzyker/Research",
"name": "Research",
"created_at": "2023-07-28T10:14:20Z",
"description": "Research analysis",
"author": "zhzyker",
"language": null,
"keyword": "zhzyker"
},
{
"link": "https://github.com/zhzyker/GobyVuls",
"name": "GobyVuls",
"created_at": "2023-04-07T02:49:25Z",
"description": "Vulnerabilities of Goby supported with exploitation.",
"author": "zhzyker",
"language": "Go",
"keyword": "zhzyker"
},
{
"link": "https://github.com/zhzyker/titan",
"name": "titan",
"created_at": "2023-01-09T02:30:51Z",
"description": "Titan: A generic user defined reflective DLL for Cobalt Strike",
"author": "zhzyker",
"language": null,
"keyword": "zhzyker"
},
{
"link": "https://github.com/zhzyker/debian-media-box",
"name": "debian-media-box",
"created_at": "2022-12-14T02:40:45Z",
"description": "“Debian 小药盒”,一个用来包装 Debian 安装介质的盒子设计和介绍用的说明书。",
"author": "zhzyker",
"language": null,
"keyword": "zhzyker"
},
{
"link": "https://github.com/zhzyker/linux-exploit-suggester",
"name": "linux-exploit-suggester",
"created_at": "2022-09-29T03:10:04Z",
"description": "Linux privilege escalation auditing tool",
"author": "zhzyker",
"language": null,
"keyword": "zhzyker"
},
{
"link": "https://github.com/zhzyker/Log4j2Passive",
"name": "Log4j2Passive",
"created_at": "2022-07-12T09:29:07Z",
"description": "Log4j2 RCE Passive Scanner plugin for BurpSuite",
"author": "zhzyker",
"language": "Java",
"keyword": "zhzyker"
},
{
"link": "https://github.com/zhzyker/loading",
"name": "loading",
"created_at": "2022-07-01T00:56:40Z",
"description": "A collection of highly customisable loading bars for Go CLI apps.",
"author": "zhzyker",
"language": null,
"keyword": "zhzyker"
},
{
"link": "https://github.com/zhzyker/JNDIExploit",
"name": "JNDIExploit",
"created_at": "2022-04-19T07:50:20Z",
"description": "对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改",
"author": "zhzyker",
"language": null,
"keyword": "zhzyker"
},
{
"link": "https://github.com/lijiejie/MisConfig_HTTP_Proxy_Scanner",
"name": "MisConfig_HTTP_Proxy_Scanner",
"created_at": "2023-04-17T11:50:13Z",
"description": "The scanner helps to scan misconfigured reverse proxy servers and misconfigured forward proxy servers",
"author": "lijiejie",
"language": "Python",
"keyword": "lijiejie"
},
{
"link": "https://github.com/lijiejie/EasyPen",
"name": "EasyPen",
"created_at": "2022-08-22T12:54:41Z",
"description": "EasyPen is a GUI program which helps pentesters do target discovery, vulnerability scan and exploitation",
"author": "lijiejie",
"language": "JavaScript",
"keyword": "lijiejie"
},
{
"link": "https://github.com/lijiejie/lijiejie",
"name": "lijiejie",
"created_at": "2022-04-04T15:58:41Z",
"description": null,
"author": "lijiejie",
"language": null,
"keyword": "lijiejie"
},
{
"link": "https://github.com/lijiejie/eyes.sh",
"name": "eyes.sh",
"created_at": "2022-03-31T14:41:00Z",
"description": "Optimized DNS/HTTP Log Tool for pentesters, faster and easy to use.",
"author": "lijiejie",
"language": "HTML",
"keyword": "lijiejie"
},
{
"link": "https://github.com/lijiejie/log4j2_vul_local_scanner",
"name": "log4j2_vul_local_scanner",
"created_at": "2021-12-20T12:07:41Z",
"description": "Log4j 漏洞本地检测脚本。 Scan all java processes on your host to check whether it's affected by log4j2 remote code execution vulnerability (CVE-2021-45046)",
"author": "lijiejie",
"language": "Python",
"keyword": "lijiejie"
},
{
"link": "https://github.com/lijiejie/swagger-exp",
"name": "swagger-exp",
"created_at": "2021-03-23T06:46:21Z",
"description": "A Swagger API Exploit",
"author": "lijiejie",
"language": "JavaScript",
"keyword": "lijiejie"
},
{
"link": "https://github.com/lijiejie/idea_exploit",
"name": "idea_exploit",
"created_at": "2019-05-29T12:21:46Z",
"description": "Gather sensitive information from (.idea) folder for pentesters",
"author": "lijiejie",
"language": "Python",
"keyword": "lijiejie"
},
{
"link": "https://github.com/lijiejie/struts2_045_scan",
"name": "struts2_045_scan",
"created_at": "2017-04-06T06:19:33Z",
"description": "Struts2-045 Scanner",
"author": "lijiejie",
"language": "Python",
"keyword": "lijiejie"
},
{
"link": "https://github.com/lijiejie/ds_store_exp",
"name": "ds_store_exp",
"created_at": "2017-01-24T11:48:50Z",
"description": "A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.",
"author": "lijiejie",
"language": "Python",
"keyword": "lijiejie"
},
{
"link": "https://github.com/lijiejie/BBScan",
"name": "BBScan",
"created_at": "2015-11-13T07:41:10Z",
"description": "A fast vulnerability scanner helps pentesters pinpoint possibly vulnerable targets from a large number of web servers",
"author": "lijiejie",
"language": "Python",
"keyword": "lijiejie"
},
{
"link": "https://github.com/projectdiscovery/nuclei-templates-ai",
"name": "nuclei-templates-ai",
"created_at": "2024-12-04T01:46:51Z",
"description": "Repository of AI-generated Nuclei templates for public CVEs not yet covered by existing templates, enhancing detection speed and coverage 👾",
"author": "projectdiscovery",
"language": null,
"keyword": "projectdiscovery"
},
{
"link": "https://github.com/projectdiscovery/nuclei-templates-test",
"name": "nuclei-templates-test",
"created_at": "2024-11-18T10:30:37Z",
"description": "Nuclei Templates test",
"author": "projectdiscovery",
"language": null,
"keyword": "projectdiscovery"
},
{
"link": "https://github.com/projectdiscovery/defcon32",
"name": "defcon32",
"created_at": "2024-08-10T20:20:33Z",
"description": "Defcon 32 Workshop setup and info",
"author": "projectdiscovery",
"language": null,
"keyword": "projectdiscovery"
},
{
"link": "https://github.com/projectdiscovery/actions",
"name": "actions",
"created_at": "2024-08-01T17:26:30Z",
"description": "ProjectDiscovery's Composite Actions",
"author": "projectdiscovery",
"language": "Shell",
"keyword": "projectdiscovery"
},
{
"link": "https://github.com/projectdiscovery/goleak",
"name": "goleak",
"created_at": "2024-07-29T21:42:01Z",
"description": "Goroutine leak detector",
"author": "projectdiscovery",
"language": "Go",
"keyword": "projectdiscovery"
},
{
"link": "https://github.com/projectdiscovery/tunnelx",
"name": "tunnelx",
"created_at": "2024-07-12T15:19:31Z",
"description": "TunnelX is a lightweight ingress tunneling tool designed to create a secure SOCKS5 proxy server for routing network traffic.",
"author": "projectdiscovery",
"language": "Go",
"keyword": "projectdiscovery"
},
{
"link": "https://github.com/projectdiscovery/urlfinder",
"name": "urlfinder",
"created_at": "2024-04-30T13:41:12Z",
"description": "A high-speed tool for passively gathering URLs, optimized for efficient and comprehensive web asset discovery without active scanning.",
"author": "projectdiscovery",
"language": "Go",
"keyword": "projectdiscovery"
},
{
"link": "https://github.com/projectdiscovery/machineid",
"name": "machineid",
"created_at": "2024-02-26T14:39:38Z",
"description": "Get the unique machine id of any host (without admin privileges)",
"author": "projectdiscovery",
"language": "Go",
"keyword": "projectdiscovery"
},
{
"link": "https://github.com/projectdiscovery/tldfinder",
"name": "tldfinder",
"created_at": "2024-01-30T16:27:23Z",
"description": "A streamlined tool for discovering private TLDs for security research.",
"author": "projectdiscovery",
"language": "Go",
"keyword": "projectdiscovery"
},
{
"link": "https://github.com/projectdiscovery/go-smb2",
"name": "go-smb2",
"created_at": "2024-01-29T17:49:59Z",
"description": "SMB2/3 client library written in Go.",
"author": "projectdiscovery",
"language": "Go",
"keyword": "projectdiscovery"
},
{
"link": "https://github.com/HavocFramework/community-plugins",
"name": "community-plugins",
"created_at": "2024-08-03T17:42:20Z",
"description": "Repository for community provided Havoc plugins",
"author": "HavocFramework",
"language": null,
"keyword": "HavocFramework"
},
{
"link": "https://github.com/HavocFramework/Website",
"name": "Website",
"created_at": "2022-11-17T18:45:29Z",
"description": "source for https://havocframework.com",
"author": "HavocFramework",
"language": "HTML",
"keyword": "HavocFramework"
},
{
"link": "https://github.com/HavocFramework/.github",
"name": ".github",
"created_at": "2022-09-30T16:01:23Z",
"description": null,
"author": "HavocFramework",
"language": null,
"keyword": "HavocFramework"
},
{
"link": "https://github.com/HavocFramework/havoc-py",
"name": "havoc-py",
"created_at": "2022-09-11T20:07:26Z",
"description": "Havoc python api",
"author": "HavocFramework",
"language": "Python",
"keyword": "HavocFramework"
},
{
"link": "https://github.com/HavocFramework/Havoc",
"name": "Havoc",
"created_at": "2022-09-11T13:21:16Z",
"description": "The Havoc Framework",
"author": "HavocFramework",
"language": "Go",
"keyword": "HavocFramework"
},
{
"link": "https://github.com/HavocFramework/Talon",
"name": "Talon",
"created_at": "2022-09-11T02:23:22Z",
"description": "(Demo) 3rd party agent for Havoc ",
"author": "HavocFramework",
"language": "C",
"keyword": "HavocFramework"
},
{
"link": "https://github.com/HavocFramework/Modules",
"name": "Modules",
"created_at": "2022-09-08T14:45:08Z",
"description": "Modules used by the Havoc Framework",
"author": "HavocFramework",
"language": "C",
"keyword": "HavocFramework"
}
]

122
resources/JSON/huawei.json Normal file
View File

@ -0,0 +1,122 @@
[